Lucene search
K

7 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2010-4690

Malware in sbrugna...

10CVSS6.3AI score0.01882EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-2995

Malicious code in bioql PyPI...

7.5CVSS6.2AI score0.03463EPSS
Exploits1References15
Mageia
Mageia
added 2023/04/24 12:20 a.m.41 views

Updated php-smarty packages fix security vulnerability

Cross site scripting vulnerability in Javascript escaping. CVE-2023-28447 Additional bug fixes included. See referenced release notes for details...

7.1CVSS6.2AI score0.01025EPSS
Exploits0References5
OSV
OSV
added 2023/01/24 7:58 a.m.11 views

MGASA-2023-0014 Updated php-smarty packages fix security vulnerability

It was discovered that there was a potential cross-site scripting vulnerability in smarty3, a widely-used PHP templating engine. In Smarty before 3.1.47 and 4.x before 4.2.1, libs/plugins/function.mailto.php allows XSS. A web page that uses smartyfunctionmailto, and that could be parameterized...

5.4CVSS5.9AI score0.00826EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2022/04/13 12:0 a.m.7 views

The vulnerability of the implementation of the isTrustedResourceDir method in the Smarty_Security template handler for PHP Smarty allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the isTrustedResourceDir method in the SmartySecurity template handler class for PHP Smarty is related to errors in restricting access to directories with limited permissions. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected...

7.8CVSS6.5AI score0.03463EPSS
Exploits1References14Affected Software3
OSV
OSV
added 2014/11/21 12:44 p.m.6 views

MGASA-2014-0469 Updated php-smarty packages fix security vulnerability

Smarty before 3.1.21 allows remote attackers to bypass the secure mode restrictions and execute arbitrary PHP code as demonstrated by "literal" in a template CVE-2014-8350...

7.5CVSS7.2AI score0.03127EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2014/11/03 4:55 p.m.18 views

CVE-2014-8350

Smarty before 3.1.21 allows remote attackers to bypass the secure mode restrictions and execute arbitrary PHP code as demonstrated by "literal" in a template...

7.5CVSS6.2AI score0.03127EPSS
Exploits1References1
Rows per page
Query Builder